from samba.samdb import SamDB
import samba.tests.auth_log_base
from samba.credentials import Credentials
from samba.dcerpc import netlogon
from samba.auth import system_session
from samba.tests import delete_force
from samba.dsdb import UF_WORKSTATION_TRUST_ACCOUNT, UF_PASSWD_NOTREQD
from samba.dcerpc.misc import SEC_CHAN_WKSTA
from samba.compat import text_type

class SamLogonBreaker(samba.tests.auth_log_base.AuthLogTestBase):

    def tearDown(self):
        super(SamLogonBreaker, self).tearDown()
        delete_force(self.ldb, self.samlogon_dn)

    def test_test(self):
        lp = samba.tests.env_loadparm()
        creds = Credentials()

        self.ldb = SamDB(
            session_info=system_session(),
            credentials=creds,
            lp=lp)

        netbios_name = "SamLogonTest"
        machinepass = "abcdefghij"
        base_dn = self.ldb.domain_dn()
        self.samlogon_dn = ("cn=%s,cn=users,%s" %
                           (netbios_name, base_dn))

        utf16pw = text_type('"' + machinepass + '"').encode('utf-16-le')
        self.ldb.add({
            "dn": self.samlogon_dn,
            "objectclass": "computer",
            "sAMAccountName": "%s$" % netbios_name,
            "userAccountControl":
                str(UF_WORKSTATION_TRUST_ACCOUNT | UF_PASSWD_NOTREQD),
            "unicodePwd": utf16pw})

        machine_creds = Credentials()
        machine_creds.guess(self.get_loadparm())
        machine_creds.set_secure_channel_type(SEC_CHAN_WKSTA)
        machine_creds.set_password(machinepass)
        machine_creds.set_username(netbios_name + "$")

        binding = "SEAL"
        binding = "[schannel,%s]" % binding
        netlogon_conn = netlogon.netlogon("ncalrpc:%s" % binding,
                                          self.get_loadparm(),
                                          machine_creds)